MAGENTO 2 & HTTPS (SSL) CERTIFICATE

In today’s world, it is necessary for the E-stores entrepreneurs to provide customers with a secure shopping environment. The data entry made by the e-buyer should be out of harm’s way and kept. This combination works like a charm and ensures that your customers data is safe and secure.

Using the HTTPS (SSL) certificate for Magento 2 is one of the best ways to secure the confidentiality and safekeeping of data provided by customers.

CONFIGURATION

Once you have purchased an HTTPS (SSL) certificate, the following moves would support you to configure Magento 2 as a safe gateway of your e-business:

Log into to your Magento 2 store.

From your Magento 2 Admin Panel jump to Stores → Configuration

The configuration page will lead you to the General Dropdown, from there, opt for the Web option.

3. The Base URLs (Secure) section would lead you to go for the following execution.

GETTING AN SSL CERTIFICATE

In case you do not have an SSL certificate, you can easily find one on the Web. Not to forget, for buying this sort of a certificate it is mandatory to create a private key followed by a certificate request. To precede this, you’ll require openssl.

If you don’t know openssl, enter one of the commands below to get it.

Debian/Ubuntu Command
Apt-get update
apt-get install openssl

or

RHEL/CentOS Command

By using these commands, you would easily get through with your certificate request placement to the certificate authority.

Shifting from HTTP to HTTPS is a mandatory thing now. The reason behind it is that Google is now utilizing ‘safe websites go first’ approach. This may affect your search engine ratings adversely, mentioned below are few guidelines for you to follow and be prudent.

SECURITY CHECKLIST

Your store’s canonical Tags (i.e. “rel” tags) must not point to the old HTTP version because this will lead to Google deciding your engine rankings, so hold it mandatory to shift your canonical tags to HTTPS from HTTP.

Before shifting to HTTPS your Magento2 sitemap must also be directed towards HTTPS URLs.